如何在 Azure DevOps 发布管道中连接 azaccount [英] How to connect-azaccount in Azure DevOps release pipeline
问题描述
在发布管道中,我尝试使用 Connect-Azaccount 连接到 Azure AD,以便我可以运行 Get-AzADgroup 来检索一些 Az AD 组名称及其 guid 并输出到变量.
我使用以下内联脚本创建了 Azure Powershell 任务.
(Get-AzADGroup -DisplayName "group-name").origin
看来您需要使用非交互式登录,请按照以下步骤操作.
1.
3.试试下面的脚本,使用你在步骤 1 中得到的值,它在我这边工作正常.
注意:当你使用Az
时,你需要使用Task version
和4.*(preview)
> powershell 模块.
$azureAplicationId ="<您的广告应用程序 ID>"$azureTenantId="<您的租户 ID>"$azurePassword = ConvertTo-SecureString "<你的广告应用的秘密>"-AsPlainText -Force$psCred = 新对象 System.Management.Automation.PSCredential($azureAplicationId, $azurePassword)Connect-AzAccount -Credential $psCred -TenantId $azureTenantId -ServicePrincipal#我只是测试得到所有组,你可以做其他操作Get-AzADGroup
In the release pipeline, I am trying to connect to Azure AD by using Connect-Azaccount so I can run Get-AzADgroup to retrieve some Az AD group names and their guid and output to variables.
I created Azure Powershell task with the following inline script.
(Get-AzADGroup -DisplayName "group-name").origin
It seems you need to use a non-interactive login, follow the steps as below.
1.Create an Azure Active Directory application and create a secret for the app, save the secret and get values for signing in.
2.In your AD App -> API permissions
-> Add a permission
-> select Azure Active Directory Graph
-> Application permissions
-> Directory.Read.All
-> click Add permissions
-> click Grant admin consent for xxx
, refer to the screenshot.
3.Try the script as below, use the values which you get in step 1, it works fine on my side.
Note: You need to use the Task version
with 4.*(preview)
when you use Az
powershell module.
$azureAplicationId ="<your ad app application id>"
$azureTenantId= "<your tenant id>"
$azurePassword = ConvertTo-SecureString "<the secret of your ad app>" -AsPlainText -Force
$psCred = New-Object System.Management.Automation.PSCredential($azureAplicationId , $azurePassword)
Connect-AzAccount -Credential $psCred -TenantId $azureTenantId -ServicePrincipal
#I just test to get all groups, you could do other operations
Get-AzADGroup
这篇关于如何在 Azure DevOps 发布管道中连接 azaccount的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!